commit 5e311d32e4079bf7f2db001d4f08db3ac0d93af9 Author: Panu Matilainen <pmatilai@redhat.com> Date: Fri Aug 11 12:48:23 2017 +0300 Really ignore unknown signature tags (RhBug:1480407) Rather embarrassingly, rpm 4.13 fails rpmkeys -K signature verification of rpm 4.14 packages because it doesn't really ignore unknown signature tags like it claims to, and should. And so it reports a bogus failure on the new SHA256 header-only digest. This bug as it is only exists in 4.13.x, older versions are fine and >= 4.14 only ever looks for tags it knows about. diff --git a/lib/signature.c b/lib/signature.c index 1b9fe345f..41bf85893 100644 --- a/lib/signature.c +++ b/lib/signature.c @@ -71,6 +71,7 @@ rpmRC rpmSigInfoParse(rpmtd td, const char *origin, break; default: /* anything unknown just falls through for now */ + sinfo->type = RPMSIG_OTHER_TYPE; break; }